基于NTRU格的云数据可撤销属性基加密方案

Revocable attribute-based encryption based on NTRU lattices for cloud data

针对现有基于离散对数求解难题的云数据加密方案无法抵御量子计算攻击并同时实现安全有效的属性撤销问题,提出一种基于NTRU格的云数据可撤销密文策略属性基加密方案RNL-ABE.首先将基于NTRU格的加密算法与属性基加密结合以抵御量子计算攻击,实现细粒度访问控制和安全属性撤销,避免重新进行密钥分发;改进密钥结构,防止系统中的合法用户、撤销用户、外部攻击者之间实施共谋攻击.最后基于环上误差学习难题(R-LWE),对RNL-ABE方案进行了形式化证明,并与同类型方案进行了仿真性能比较.结果表明:RNL-ABE方案在选择属性集模型下能够抵御量子计算攻击并实现安全的属性撤销;相比其他同类型方案,所提出方案在效率上更具有优势,计算和通信开销均减少50%以上.

Aiming at the problem that the existing cloud data encryption schemes based on discrete logarithm solution were unable to resist quantum computing attacks and realize secure and effective attribute revocation at the same time,a new revocable ciphertext-policy attribute-based encryption(CP-ABE)scheme based on number theory research unit(NTRU)lattices for cloud data,called the RNL-ABE,was proposed.First,an encryption algorithm based on NTRU lattices was combined with attribute-based encryption to resist quantum computing attacks.And the fine-grained access control and the security attribute revocation were realized to avoid key re-distribution.Collusion attacks among legal users,revoked users and online intruders were defended by improving key structure.Finally,the RNL-ABE scheme was formally proved based on the learning with error problem over ring(R-LWE),and the simulation performances were compared with those of similar schemes.The results show that the RNL-ABE scheme can resist the quantum computing attacks and realize secure attribute revocation on the selective-set model.Compared with other similar schemes,the proposed scheme has more advantages in the efficiency,and the computing cost and communication cost are reduced by more than 50%.